clprefsnetauth.c

来自「PGP8.0源码 请认真阅读您的文件包然后写出其具体功能」· C语言 代码 · 共 736 行 · 第 1/2 页

C
736
字号
/*____________________________________________________________________________
	Copyright (C) 2002 PGP Corporation
	All rights reserved.

	CLprefsNetAuth.c - handle PGPnet authentication preferences dialog

	$Id: CLprefsNetAuth.c,v 1.26 2002/09/23 08:47:41 wprice Exp $
____________________________________________________________________________*/
#include "pgpPFLConfig.h"

// project header files
#include "PGPclx.h"
#include "PGPvpnHelp.h"
#include "CLprefs.h"
#include "pgpImageList.h"
#include "pgpFileSpec.h"

// definitions
#define DELAYTIMER	321

// external globals
extern HINSTANCE	g_hInst;
extern HIMAGELIST	g_hilKeys;

static DWORD aAuthIds[] = {			// Help IDs
    IDC_PGPKEYLIST,				IDH_PGPCLPREF_PGPAUTHKEY,
	IDC_CLEARPGPKEY,			IDH_PGPCLPREF_CLEARPGPAUTHKEY,
	IDC_SELECTPGPKEY,			IDH_PGPCLPREF_SELECTPGPAUTHKEY,
	IDC_X509KEYEDIT,			IDH_PGPCLPREF_X509AUTHKEY,
	IDC_CLEARX509KEY,			IDH_PGPCLPREF_CLEARX509AUTHKEY,
	IDC_SELECTX509KEY,			IDH_PGPCLPREF_SELECTX509AUTHKEY,
	IDC_REQUIREVALIDCONFIG,		IDH_PGPCLPREF_REQUIREVALIDCONFIG,
	IDC_REQUIREVALIDUNCONFIG,	IDH_PGPCLPREF_REQUIREVALIDUNCONFIG,
	IDC_X509GROUPBOX,			-1,
	0,0
};


//	___________________________________________________
//
//  Display and handle selection of PGP keypair dialog

static PGPError
sSelectPGPKey (
		HWND				hwndParent,
		PPREFSDLGSTRUCT		ppds)
{

	PGPKeySetRef	keysetToDisplay	= kInvalidPGPKeySetRef;
	PGPKeySetRef	keysetPGP		= kInvalidPGPKeySetRef;
	PGPKeySetRef	keysetSelected	= kInvalidPGPKeySetRef;
	PGPFilterRef	filterCanSign	= kInvalidPGPFilterRef;
	PGPFilterRef	filterNotSplit	= kInvalidPGPFilterRef;
	PGPFilterRef	filter			= kInvalidPGPFilterRef;
	PGPKeyIterRef	keyiter			= kInvalidPGPKeyIterRef;
	PGPKeyDBObjRef	key				= kInvalidPGPKeyDBObjRef;
	PGPError		err				= kPGPError_NoErr;
	BOOL			bFoundSecretKey	= FALSE;

	CHAR			sz[128];
	PGPUInt32		uNumKeys;

	LoadString (g_hInst, IDS_SELECTPGPKEY, sz, sizeof(sz));

	// create keyset of all keys with PGP sigs
	err = PGPNewKeyDBObjBooleanFilter (ppds->context,
			kPGPKeyProperty_CanSign, TRUE, &filterCanSign); CKERR;
	err = PGPNewKeyDBObjBooleanFilter (ppds->context,
			kPGPKeyProperty_IsSecretShared, FALSE, &filterNotSplit); CKERR;
	err = PGPIntersectFilters (filterCanSign, filterNotSplit, &filter); CKERR;
	err = PGPFilterKeyDB (ppds->net.keydb, filter, &keysetToDisplay); CKERR;

	PGPCountKeys (keysetToDisplay, &uNumKeys);
	if (uNumKeys > 0)
	{
		err = PGPclSelectKeys (ppds->context, NULL, hwndParent, sz,
				keysetToDisplay, kPGPclSingleSelection,
				&keysetSelected); CKERR;

		err = PGPNewKeyIterFromKeySet (keysetSelected, &keyiter); CKERR;
		err = PGPKeyIterNextKeyDBObj (keyiter,
				kPGPKeyDBObjType_Key, &key); CKERR;

		if (PGPKeyDBObjRefIsValid (key))
			err = PGPGetKeyID (key, &ppds->net.keyidPGPAuth);
		if (IsntPGPError (err))
			ppds->net.bUsePGPAuthKey = TRUE;
		else
			ppds->net.bUsePGPAuthKey = FALSE;
	}
	else
	{
		PGPclMessageBox (hwndParent, IDS_CAPTIONALERT, 
				IDS_NOSECRETKEYS, MB_OK|MB_ICONEXCLAMATION);
		err = kPGPError_UserAbort;
	}

done:
	if (PGPFilterRefIsValid (filter))
		PGPFreeFilter (filter);
	else 
	{
		if (PGPFilterRefIsValid (filterNotSplit))
			PGPFreeFilter (filterNotSplit);
		if (PGPFilterRefIsValid (filterCanSign))
			PGPFreeFilter (filterCanSign);
	}
	if (PGPKeySetRefIsValid (keysetPGP))
		PGPFreeKeySet (keysetPGP);
	if (PGPKeySetRefIsValid (keysetToDisplay))
		PGPFreeKeySet (keysetToDisplay);
	if (PGPKeySetRefIsValid (keysetSelected))
		PGPFreeKeySet (keysetSelected);
	if (PGPKeyIterRefIsValid (keyiter))
		PGPFreeKeyIter (keyiter);

	return err;
}


//	____________________________________
//
//	open the keyring files specified in the PNCONFIG structure

static PGPError
sOpenNetKeyRings (
		HWND			hwnd,
		PPREFSDLGSTRUCT	ppds,
		UINT			uOpenFlags)
{
	PGPError		err				= kPGPError_FileNotFound;
	PFLFileSpecRef	filerefPriv		= NULL;
	PFLFileSpecRef	filerefPub		= NULL;

	if ((lstrlen (ppds->net.szPubringFile) > 0) &&
		(lstrlen (ppds->net.szSecringFile) > 0))
	{
		HCURSOR		hcursorOld;

		err = PFLNewFileSpecFromFullPath (
					PGPPeekContextMemoryMgr (ppds->context),
					ppds->net.szPubringFile, &filerefPub);
		if (IsPGPError (err))
			return err;

		err = PFLNewFileSpecFromFullPath (
					PGPPeekContextMemoryMgr (ppds->context),
					ppds->net.szSecringFile, &filerefPriv);
		if (IsPGPError (err))
			return err;

		hcursorOld = SetCursor (LoadCursor (NULL, IDC_WAIT));
		err = PGPOpenKeyDBFile (ppds->context, uOpenFlags,
						(PGPFileSpecRef)filerefPub,
						(PGPFileSpecRef)filerefPriv,
						&ppds->net.keydb);

		PFLFreeFileSpec (filerefPub);
		PFLFreeFileSpec (filerefPriv);

		SetCursor (hcursorOld);
	}

	return err;
}


//	____________________________________
//
//	get authentication key and sig refs from keyset

static PGPError
sGetConfiguredAuthKeys (
		PPREFSDLGSTRUCT		ppds,
		PGPKeyDBObjRef*		pkeyPGP,
		PGPKeyDBObjRef*		psigX509)
{
	PGPKeyIterRef	keyiter			= kInvalidPGPKeyIterRef;
	PGPKeySetRef	keysetX509		= kInvalidPGPKeySetRef;
	PGPKeyDBObjRef	keyX509			= kInvalidPGPKeyDBObjRef;
	PGPKeyDBObjRef	key				= kInvalidPGPKeyDBObjRef;
	PGPKeyDBObjRef	userid			= kInvalidPGPKeyDBObjRef;
	PGPKeyDBObjRef	sig				= kInvalidPGPKeyDBObjRef;
	PGPError		err				= kPGPError_NoErr;
	PGPByte*		pIASN			= NULL;
	PGPBoolean		bPGPKeyNotFound	= FALSE;

	PGPSize			size;

	*pkeyPGP	= kInvalidPGPKeyDBObjRef;
	*psigX509	= kInvalidPGPKeyDBObjRef;

	if (!PGPKeyDBRefIsValid (ppds->net.keydb))
		return kPGPError_BadParams;

	// get PGP key ref
	if (ppds->net.bUsePGPAuthKey)
	{
		err = PGPFindKeyByKeyID (ppds->net.keydb,
				&ppds->net.keyidPGPAuth, pkeyPGP);

		// if key is missing, we still want to look for X.509 key
		if (err == kPGPError_ItemNotFound)
		{
			err = kPGPError_NoErr;
			bPGPKeyNotFound = TRUE;
		}
		CKERR;
	}

	// get X.509 key
	if ((ppds->net.pX509AuthCertIASN != NULL) &&
		(ppds->net.bUseX509AuthKey))
	{
		err = PGPFindKeyByKeyID (ppds->net.keydb,
				&ppds->net.keyidX509Auth, &keyX509); CKERR;
	}

	// get X.509 sig
	if (PGPKeyDBObjRefIsValid (keyX509))
	{
		err = PGPNewOneKeySet (keyX509, &keysetX509); CKERR;
		err = PGPNewKeyIterFromKeySet (keysetX509, &keyiter); CKERR;

		err = PGPKeyIterNextKeyDBObj (keyiter,
				kPGPKeyDBObjType_Key, &key); CKERR;
		err = PGPKeyIterNextKeyDBObj (keyiter,
				kPGPKeyDBObjType_UserID, &userid); CKERR;
		while (userid)
		{
			PGPKeyIterNextKeyDBObj (keyiter,
					kPGPKeyDBObjType_Signature, &sig);

			while ( (PGPKeyDBObjRefIsValid (sig)) &&
					(*psigX509 == kInvalidPGPKeyDBObjRef))
			{
				size = 0;
				PGPGetKeyDBObjDataProperty (sig,
						kPGPSigProperty_X509IASN, NULL, 0, &size);
				if (size == ppds->net.uX509AuthCertIASNLength)
				{
					pIASN = PGPNewData (
								PGPPeekContextMemoryMgr (ppds->context),
								size, kPGPMemoryMgrFlags_Clear);
					if (pIASN)
					{
						err = PGPGetKeyDBObjDataProperty (sig,
								kPGPSigProperty_X509IASN, pIASN, size,
								&size); CKERR;

						if (pgpMemoryEqual (pIASN,
									ppds->net.pX509AuthCertIASN, size))
						{
							*psigX509 = sig;
						}

						PGPFreeData (pIASN);
						pIASN = NULL;
					}
				}
				PGPKeyIterNextKeyDBObj (keyiter,
						kPGPKeyDBObjType_Signature, &sig);
			}
			PGPKeyIterNextKeyDBObj (keyiter,
					kPGPKeyDBObjType_UserID, &userid);
		}
	}

done :
	if (pIASN != NULL)
		PGPFreeData (pIASN);
	if (PGPKeySetRefIsValid (keysetX509))
		PGPFreeKeySet (keysetX509);
	if (PGPKeyIterRefIsValid (keyiter))
		PGPFreeKeyIter (keyiter);

	if (IsntPGPError (err) && (bPGPKeyNotFound))
		err = kPGPError_ItemNotFound;

	return err;
}


//	____________________________________
//
//	put name of key into listview

static VOID
sSetKeyLists (
		HWND			hwnd,
		PPREFSDLGSTRUCT	ppds)
{
	LV_ITEM			lvi;
	CHAR			sz[kPGPMaxUserIDSize +1];
	CHAR			szID[kPGPMaxKeyIDStringSize +1];
	UINT			u;
	PGPKeyDBObjRef	keyPGP;
	PGPKeyDBObjRef	sigX509;
	BOOL			bEnableClear;
	BOOL			bX509Key;
	PGPPrefRef		prefrefNet;
	PGPSize			size;
	HICON			hIcon;

	ListView_DeleteAllItems (ppds->net.hwndPGPKeyList);
	SetDlgItemText (hwnd, IDC_X509KEYEDIT, "");
	EnableWindow (GetDlgItem (hwnd, IDC_X509KEYEDIT), FALSE);

	prefrefNet = CLGetPrefRefNet (ppds);
	sGetConfiguredAuthKeys (ppds, &keyPGP, &sigX509);

	lvi.mask = LVIF_TEXT|LVIF_IMAGE;
	lvi.iItem = 0;
	lvi.iSubItem = 0;
	lvi.pszText = sz;
	sz[0] = '\0';

	// PGP Authentication key
	bEnableClear = FALSE;

	if (ppds->net.bUsePGPAuthKey)
	{
		if (PGPKeyDBObjRefIsValid (keyPGP))
		{
			lvi.iImage = PGPclDetermineKeyIcon (keyPGP, NULL);
			sz[0] = '\0';
			PGPclGetPrimaryUserIDName (keyPGP, sz, sizeof(sz), &u);
		}
		else
		{
			lvi.iImage = IDX_NONE;
			LoadString (g_hInst, IDS_UNKNOWNKEY, sz, sizeof(sz));
			PGPGetKeyIDString (&ppds->net.keyidPGPAuth,
					kPGPKeyIDString_Abbreviated, szID);
			lstrcat (sz, szID);
		}
		ListView_InsertItem (ppds->net.hwndPGPKeyList, &lvi);
		InvalidateRect (ppds->net.hwndPGPKeyList, NULL, FALSE);
		bEnableClear = TRUE;
	}
	if (!CLDisablePrefControl (hwnd, IDC_CLEARPGPKEY, ppds,
			prefrefNet, kPGPNetPrefPGPAuthKeyID))
	{
		EnableWindow (GetDlgItem (hwnd, IDC_CLEARPGPKEY), bEnableClear);
	}

	// then get X509 auth key
	bEnableClear = FALSE;
	bX509Key = FALSE;

	if(PGPclIsAuthorized())
	{
		if (ppds->net.bUseX509AuthKey)
		{
			if (PGPKeyDBObjRefIsValid (sigX509))
			{
				LPSTR	psz	= NULL;

				PGPGetKeyDBObjAllocatedDataProperty (sigX509, 
						kPGPSigProperty_X509LongName, &psz, &size);
				SetDlgItemText (hwnd, IDC_X509KEYEDIT, psz);
				if (IsntNull (psz))
					PGPFreeData (psz);

				EnableWindow (GetDlgItem (hwnd, IDC_X509KEYEDIT), TRUE);

				u = PGPclDetermineCertIcon (sigX509, NULL, NULL);
				hIcon = ImageList_GetIcon (g_hilKeys, u, ILD_TRANSPARENT);

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?